The word ransomware generates more than 32 million 'hits' via Google. And if you simply key in cyber, you'll get over 700 million. It just goes to show how 'hot' the subject is. The fifth webinar during the Annual Event Resilience was all about cybercrime.
The key question in our own studio in the Ververbond building in The Hague today was how insurers can keep cybercrime out? One of the ways insurers are trying to do that is through the i-CERT partnership. Ferdinand Vroom of Nationale-Nederlanden was the first speaker to explain how.
"Fortunately, cybercrime is a non-competitive topic"
Making a fist via i-CERT
In i-CERT , six large insurers work together with small(er) insurers to collect, process and share information about cybercrime with each other. In daily practice, it means that one of the six larger insurers runs a service every two weeks. Information about attacks, hostage-taking, phishing emails, hacks, etc. can be reported and shared - supported by the Centre for Combating Insurance Crime. The information is analyzed there, further distributed and possibly signaled.
Vroom: "Fortunately, cybercrime is a non-competitive topic and we can work together on this, because i-CERT has already proven to be very valuable." For example, on the operational level, messages are shared daily "and if Facebook doesn't do it for a while, things will explode completely", he says with a wink.
About once or twice a month, reports are shared among the participating insurers and of course Vroom took the opportunity to point out the joining of forces mainly to smaller companies. "i-CERT ensures that we can warn each other, but also share our best practices . A win-win for large and smaller insurers."
Forensics
Information expert Pim Takkenberg, who also sits at the table and later becomes a speaker, is very charmed by the approach. "This is unique, especially because there is often trepidation among companies to share that you have been attacked. Unjustified, by the way, if you ask me, because sometimes you tell something that benefits someone else and the next time it's the other way around."
Takkenberg is General Manager of Northwave and does not turn his heart into a murder pit. "We are an information security company and will never compete on security. The problem is far too great. We're going to have to do it together. If it is convenient, we therefore share our information and best practices."
Northwave also assists customers when things have gone wrong and, according to him, a forensic investigation in particular provides a clear picture of who you are actually dealing with. "And the better you know how your opponent operates, the better you can fight it."
No crooks
Takkenberg, who discussed the tactics of the cybercriminals in an earlier interview , emphasizes that the attackers are not digital crooks. "They are first-class puddles, serious criminals who operate in well-organized groups and know exactly what they want. Where they have been identified, they have a price tag of five, six, seven million dollars on their heads. Report it to the FBI and you can stop working."
He hears it more often, people who think that the cybercriminals have targeted the organization. "That's a misunderstanding. They try to gain access and only then go and see what can be achieved. It works exactly the same as with the regular burglaries. If your door is tightly closed, they will go to the neighbors."
"Some criminals have a price tag of 5 to 7 million dollars on their heads"
Pay or not?
He reveals part of a phone conversation he had with a Russian criminal for a customer. This clearly shows that there is indeed only one goal: to make money. The Russian threatens, we will continue to attack you for months, so pay now.
The question arises at the table with one of the tablemates: If you pay, are you also rid of it? "Of this group, yes," says Takkenberg, "but of course you have to take steps, including a good backup strategy, so that you become less vulnerable. And the perverse thing about these criminals is that they charge between 0.4 and two percent of the organization's annual turnover, but also reveal how they got in when you pay. You will be given the key and you will be told what steps they have gone through. I've received a 120-page report."
Takkenberg therefore advises to always contact the attackers. "On average, a company is offline for three weeks and negotiation can provide important information. But don't do that yourself. I sometimes see the examples of ICT professionals who try to do the trick, but that is not recommended. Trust me, it's really a profession!"
Put yourself in the shoes of the fraudster
Vincent Dolfin of Covenant Partner Cognizant emphasized in his introduction that insurers can learn from credit card companies, among other things. "In the world of credit cards, a lot of transactions take place. And unfortunately, there is also a lot of fraud. A large American bank has therefore decided to tackle this fraud in a completely different way. The bank has been at the home of fifteen fraudsters caught and has asked them to find out why someone is cheating."
This has yielded important results. The analysis shows, among other things, that obtaining a credit card is very time-consuming and tiring, while fraud is very easy. "The credit card company uses behavioral science to analyze both the available information and the fraud itself in a different way," Dolfin explains.
He calls the methodology an eye-opener and at the same time very logical, because "only when you understand the behavior of a fraudster can you use the right technology to fight the fraud."
Pssst... do you already know that the Covenant organizes the Boef de Baas event on Wednesday 3 November? In four webinars, spread over the day, attention is paid to prevention through innovation around the themes of cybercrime, fraud and insurance crime. Sign up & watch and join the discussion!
Was this article useful?